Re: Question: resolution of private IP addresses
- Date: Thu, 17 Jan 2002 16:33:41 +0100
Greg, It is not 100% clear what you are proposing to do.
Personally I think your arguments for not running split DNS
sound a bit weak to me.
If you are proposing to put A RRs with RFC1918 addresses in the
Internet DNS tree, I advise strongly against that. RFC1918 says:
"Indirect references to such addresses should be contained within the
enterprise. Prominent examples of such references are DNS Resource
Records and other information referring to internal private
addresses. In particular, Internet service providers should take
measures to prevent such leakage."
...
"If an enterprise uses the private address space, or a mix of private
and public address spaces, then DNS clients outside of the enterprise
should not see addresses in the private address space used by the
enterprise, since these addresses would be ambiguous."
Also note that many applications need correct reverse mapping from addresses
to names, which can only be solved by local "split" DNS.
Regards
Daniel
At 03:23 PM 1/16/2002, you wrote:
>Dear all,
>
>I have a simple question regarding the resolution of hostnames with private
>IP addresses.
>
>One of our corporate customers would like to (mis)use DNS to allow the
>resolution of intranet hosts. The customer operates its own global VPN but
>for operational reasons cannot install / manage local DNS in each and every one
>of its locations. Also, the customer does not want to operate a centralised
>intranet DNS service as the Internet connectivity, which is local in each
>country, in some of its remote locations would be severely affected (as DNS
>requests would take an inordinate amount of time).
>
>I have tried to research this but could not find anything that would
>prevent the resolution to private IP addresses. The main concern is that
>ISPs would filter out their DNS cache to prevent this.
>
>Any comments?
>
>Best regards,
>
>Greg Cipollone
>Technischer Direktor
>
>
>***************************************************************
>Twinwave Intranet und Internet Services GmbH
>Schmidtstr. 51, 60326 Frankfurt
>Tel.: +49-69-75 086-0, Fax: +49-69-75 086-555
>E-Mail: g.cipollone@localhost
>Web-Seite: http://www.twinwave.net
>***************************************************************
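An added example, not part of the original thread: a small audit that flags A and PTR records referencing RFC 1918 space in zone data intended for the public DNS tree, the leakage the quoted RFC text warns about. The function names and the sample zone are hypothetical and constructed for illustration, and the parser is simplified (one record per line, explicit owner name).

```python
import ipaddress

# The three private blocks defined by RFC 1918.
RFC1918_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """True if addr is an IPv4 address inside an RFC 1918 block."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in RFC1918_NETS)

def ptr_owner_to_ip(owner):
    """'5.1.168.192.in-addr.arpa.' -> '192.168.1.5'; None unless a full IPv4 PTR name."""
    name = owner.lower().rstrip(".")
    if not name.endswith(".in-addr.arpa"):
        return None
    labels = name[:-len(".in-addr.arpa")].split(".")
    return ".".join(reversed(labels)) if len(labels) == 4 else None

def find_leaks(zone_text):
    """Return (owner, type, address) for A/PTR records that reference RFC 1918 space."""
    leaks = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()          # strip comments
        if len(fields) < 3 or line[0].isspace() or fields[0].startswith("$"):
            continue      # simplified: skips directives and blank-owner lines
        i = 1
        while i < len(fields) and (fields[i].isdigit() or fields[i].upper() in ("IN", "CH", "HS")):
            i += 1                                       # skip optional TTL and class
        if i + 1 >= len(fields):
            continue
        rtype = fields[i].upper()
        addr = fields[i + 1] if rtype == "A" else ptr_owner_to_ip(fields[0]) if rtype == "PTR" else None
        if addr and is_rfc1918(addr):
            leaks.append((fields[0], rtype, addr))
    return leaks

# Constructed sample zone data (not from the thread).
SAMPLE_ZONE = """\
$ORIGIN example.com.
www      3600 IN A   192.0.2.10
intranet 3600 IN A   10.20.30.40
vpn-gw        IN A   172.16.5.1
edge          IN A   172.32.0.1     ; just outside 172.16/12
printer       A      192.168.1.50
5.1.168.192.in-addr.arpa. IN PTR printer.example.com.
"""
```

Calling `find_leaks(SAMPLE_ZONE)` returns the four records that would expose private addresses to outside resolvers; such records belong only in the internal view of a split DNS.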